XilongPei / Openparts

MIT License

mongodb practice #45

Open XilongPei opened 6 years ago

XilongPei commented 6 years ago

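Download the installer package from bitnami.com

Allow other machines to connect to the mongodb service:
bind_ip = 0.0.0.0
port = 27017

First turn off the system audit function and create the admin account:
vi mongodb.conf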

Turn on/off security. Off is currently the default

noauth = true

auth = true

Start the mongo client program:
$ mongodb

There is a script for creating the account:

use admin
db.createUser( { user: "elastos", pwd: "Elastos182", roles: [ "userAdminAnyDatabase" ] } )

The system responds:

use admin
switched to db admin
db.createUser( { user: "elastos",
... pwd: "Elastos182",
... roles: [ "userAdminAnyDatabase" ] } )
Successfully added user: { "user" : "elastos", "roles" : [ "userAdminAnyDatabase" ] }

Turn on the audit switch, restart the service, and after logging in to the system, audit the user:

db.auth("elastos", "Elastos182")
1

XilongPei commented 6 years ago

Correct concept about mongodb: during authentication, the database the user account belongs to and the database the user's data belongs to could be different. commit: https://github.com/XilongPei/Openparts/commit/4d6d27976c4f65027a163368cd2dbe5f5886ba3e

XilongPei commented 6 years ago

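db.createUser(
      {
              user:"hqw",
              customData:{description:"test user_2"},
              pwd:"940331",
              roles:[{"role":"read","db":"demo"}]
      } )

roles: specifies the user's roles; an empty array can be used to give a new user no roles. In the roles field you can specify built-in roles and user-defined roles. The role values can be chosen from: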

Built-In Roles:

  1. Database user roles: read, readWrite;

  2. Database administration roles: dbAdmin, dbOwner, userAdmin;

  3. Cluster administration roles: clusterAdmin, clusterManager, clusterMonitor, hostManager;

  4. Backup and restore roles: backup, restore;

  5. All-database roles: readAnyDatabase, readWriteAnyDatabase, userAdminAnyDatabase, dbAdminAnyDatabase

  6. Superuser role: root

// Several other roles here also provide system superuser access, indirectly or directly (dbOwner, userAdmin, userAdminAnyDatabase)

  7. Internal role: __system

Link: https://www.jianshu.com/p/ca08e63fd587
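The role list above notes that dbOwner, userAdmin and userAdminAnyDatabase give superuser access directly or indirectly. As an added example (not part of the original comments or the Openparts code), this check normalizes both role forms used in this thread (a bare string and `{role, db}`) and flags such grants. It goes beyond the comment in one respect: following MongoDB's built-in role documentation, dbOwner and userAdmin are treated as superuser-equivalent only when scoped to the admin database. All names and the sample records are assumptions.

```javascript
// Added example: flag MongoDB users whose roles grant superuser access.
// Role lists follow the thread's note; the admin-scoping rule comes from MongoDB's
// built-in role documentation. All function and variable names are hypothetical.
const DIRECT = new Set(["root", "__system"]);
const ANY_DB_ESCALATION = new Set(["userAdminAnyDatabase"]);
const SCOPED_ESCALATION = new Set(["dbOwner", "userAdmin"]);

// createUser accepts "roleName" (bound to the user's own db) as well as {role, db}.
function normalizeRoles(user) {
  return (user.roles || []).map((r) =>
    typeof r === "string" ? { role: r, db: user.db } : { role: r.role, db: r.db }
  );
}

function auditUser(user) {
  const findings = [];
  for (const { role, db } of normalizeRoles(user)) {
    if (DIRECT.has(role)) {
      findings.push({ role, db, level: "superuser" });
    } else if (ANY_DB_ESCALATION.has(role) || (SCOPED_ESCALATION.has(role) && db === "admin")) {
      // Holder can grant itself any role, so treat as superuser-equivalent.
      findings.push({ role, db, level: "indirect-superuser" });
    } else if (SCOPED_ESCALATION.has(role)) {
      // Holder can grant itself roles, but only inside this one database.
      findings.push({ role, db, level: "db-scoped-escalation" });
    }
  }
  return findings;
}

function auditUsers(users) {
  return users
    .map((u) => ({ user: `${u.db}.${u.user}`, findings: auditUser(u) }))
    .filter((r) => r.findings.length > 0);
}

// Constructed sample: createUser-style records plus the db each user was created in.
const sampleUsers = [
  { user: "elastos", db: "admin", roles: ["userAdminAnyDatabase"] },
  { user: "hqw", db: "demo", roles: [{ role: "read", db: "demo" }] },
  { user: "xilongpei", db: "admin", roles: [{ role: "readWrite", db: "tongji" }] },
  { user: "appowner", db: "cars", roles: [{ role: "dbOwner", db: "cars" }] }, // hypothetical
];

for (const r of auditUsers(sampleUsers)) {
  console.log(r.user, JSON.stringify(r.findings));
}
```

The same functions can be fed the documents returned by `db.getUsers()`, where roles are already in `{role, db}` form.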

XilongPei commented 6 years ago

If you want to just update the role of a user, you can do it in the following way:

use admin
db.updateUser( "xilongpei", { roles: [ { "role" : "readWrite", "db" : "tongji" }, { "role" : "readWrite", "db" : "cars" } ] } )

XilongPei commented 6 years ago

filename could be assigned when saveFile() in GridFSClient commit: https://github.com/XilongPei/Openparts/commit/6b73ac32f377a6f6f0763bde3ce39a5bda79f4f6

XilongPei commented 6 years ago

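Now look at the mongodb Java driver client we use, MongoClient(addresses). It can take the addresses of multiple mongos instances as the entry points to the mongodb cluster and can fail over automatically, but how well does it do load balancing? Open the source code and look:

mongodb sharded cluster deployment - image 5 | 大话运维 http://www.saunix.cn/1207.html

Its mechanism is to pick the machine with the fastest ping as the entry point for all requests; if that machine goes down, the next machine is used. So... that definitely won't do! If something like Double Eleven happens and all requests are sent to this one machine, it may well go down. Once it is down, by this mechanism the requests move to the next machine, but the total load has not decreased! The next machine may crash as well, so this architecture still has a flaw! For reasons of article length, the solution is left for later.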

https://jira.mongodb.org/browse/JAVA-2071 In the API documentation for the 3.0+ MongoClient options: http://api.mongodb.org/java/3.0/?com/mongodb/MongoClientOptions.html

When using a List of servers it states:

If this is a list of mongos servers, it will pick the closest (lowest ping time) one to send all requests to, and automatically fail over to the next server if the closest is down.

But with 3.0+ this is no longer true, as described in MongoClientOptions.getLocalThreshold():

Gets the local threshold. When choosing among multiple MongoDB servers to send a request, the MongoClient will only send that request to a server whose ping time is less than or equal to the server with the fastest ping time plus the local threshold.

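Server selection in next-generation MongoDB drivers http://www.mongoing.com/blog/post/server-selection-next-generation-mongodb-drivers localThresholdMS: if more than one suitable server exists for an operation, the localThresholdMS variable determines an acceptable "latency window" based on round-trip time (RTT). Taking the lowest-latency server as the baseline, every server whose latency differs from the minimum latency by less than this value is eligible to be chosen at random. If the variable is set to 0, the random algorithm is not used and the lowest-latency server is chosen. The default is 15 milliseconds, which means the latencies of eligible servers can differ only slightly (15 ms).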

XilongPei commented 6 years ago

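How do you set up a replica set quickly? Command line? Scripts? Obviously not. The right answer is of course the enterprise edition's MongoDB OpsManager, which is the real tool for automated operations! http://www.mongoing.com/archives/3326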

XilongPei commented 6 years ago

MongoDB writeConcern needs to be set http://www.mongoing.com/archives/2916 http://www.mongoing.com/archives/3326

https://stackoverflow.com/questions/36127672/mongodb-java-clients-writeconcern-doesnt-work

That's because collection.withWriteConcern(WriteConcern.UNACKNOWLEDGED); generates a new MongoCollection object with a different write concern which you never use:

/**
 * Create a new MongoCollection instance with a different write concern.
 *
 * @param writeConcern the new {@link com.mongodb.WriteConcern} for the collection
 * @return a new MongoCollection instance with the different writeConcern
 */
MongoCollection withWriteConcern(WriteConcern writeConcern);

The following code:

MongoCollection dup = collection.withWriteConcern(WriteConcern.UNACKNOWLEDGED);
...
dup.insertOne(doc);